Welcome to graduate2professional.blogspot.com

Sunday, December 2, 2012

Overview of wpa_cli


Wpa_cli:

The wpa_cli utility is a text-based front-end program for interacting with wpa_supplicant. You can use it to query the current status, change the configuration, trigger events, and request interactive user input. 
 
Prerequisites to using wpa_cli:
A working wireless interface with wpa_supplicant running on it
The wpa_cli utility can show the current authentication status, selected security mode, dot11 and dot1x MIBs, etc. In addition, it can configure some variables like EAPOL state machine parameters and trigger events like reassociation and IEEE 802.1X logoff/logon. 

The wpa_cli utility supports interactive and command-line modes. Both modes share the same command set; the main difference is that interactive mode provides access to unsolicited messages (event messages, user name/password requests).


Interactive mode is started when wpa_cli is executed without any parameters on the command line. Commands are then entered from the controlling terminal in response to the wpa_cli prompt.
In command line mode, the same commands are entered as command line arguments.
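
Command-line mode makes wpa_cli scriptable. The following added example (not from the original post or the wpa_supplicant project) parses the key=value lines printed by the status command and grades the negotiated protection; the sample output is constructed and the grade names are this example's own.

```shell
#!/bin/sh
# Grade the link protection reported by `wpa_cli -i <ifname> status`.
# Reads the status text on stdin and prints one grade:
#   not-connected | open | wep | tkip | ccmp | unknown
grade_status() {
    state='' pairwise='' group=''
    # "|| [ -n "$key" ]" keeps a final line that lacks a trailing newline.
    while IFS='=' read -r key value || [ -n "$key" ]; do
        case $key in
            wpa_state)       state=$value ;;
            pairwise_cipher) pairwise=$value ;;
            group_cipher)    group=$value ;;
        esac
    done

    if [ "$state" != COMPLETED ]; then
        echo not-connected
        return 0
    fi

    # The weakest cipher in use decides the grade: a CCMP pairwise key
    # combined with a TKIP group key still leaves broadcast frames on TKIP.
    case "$pairwise/$group" in
        *WEP*)     echo wep ;;
        *TKIP*)    echo tkip ;;
        NONE/NONE) echo open ;;
        CCMP/CCMP) echo ccmp ;;
        *)         echo unknown ;;
    esac
}

# Live use: needs a running wpa_supplicant and access to its control socket.
audit_iface() {
    wpa_cli -i "$1" status | grade_status
}

# Constructed sample output: WPA2-PSK in mixed mode
# (CCMP for unicast, TKIP for broadcast).
SAMPLE_MIXED='bssid=02:00:00:00:01:00
ssid=example-net
id=0
mode=station
pairwise_cipher=CCMP
group_cipher=TKIP
key_mgmt=WPA2-PSK
wpa_state=COMPLETED
ip_address=192.0.2.10'

printf '%s\n' "$SAMPLE_MIXED" | grade_status   # prints: tkip
```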

Syntax:

wpa_cli  [-p path to ctrl sockets] 
         [-i ifname] 
         [-hvB] [-a action file] 
         [-P pid file] [command ... ]


Options:

-p path
Change the path where control sockets should be found.
Eg: wpa_cli -p /var/run/ctrl_interface
 
-i ifname
Specify the interface that is being configured. By default, choose the first interface found with a control socket in the socket path. 
Eg: wpa_cli -iwlan0 
-h
Help. Show a usage message.
-v
Show version information. 
-B
Run as a daemon in the background.
-a file
Run in daemon mode executing the action file based on events from wpa_supplicant. The specified file will be executed with the first argument set to the interface name, and the second to CONNECT or DISCONNECT, depending on the event.
-P file
Set the location of the PID file.
command
Run a command
  Eg: p2p_find, p2p_connect, p2p_group_add, p2p_group_remove, p2p_peer, p2p_peers, all_sta, etc.
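
An action file for the -a option, as an added example (not from the original post or the wpa_supplicant project). Because the file usually runs with the same privileges as wpa_cli, it validates both arguments before acting; dhclient is an assumed DHCP client, and the names plan_action and run_action are this example's own.

```shell
#!/bin/sh
# Action file for: wpa_cli -B -i wlan0 -a /path/to/this-script
# wpa_cli runs it as: this-script <ifname> <event>
LC_ALL=C; export LC_ALL   # make the [A-Z] style ranges below byte-exact

# Print the command to run for an interface/event pair.
# Prints nothing and returns 1 when either argument is unexpected.
plan_action() {
    iface=$1 event=$2

    # Interface names: 1-15 characters from [A-Za-z0-9_.-], never starting
    # with '-', so the value cannot be parsed as an option or shell syntax.
    case $iface in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#iface}" -le 15 ] || return 1

    # The text above names the events CONNECT and DISCONNECT; wpa_cli's
    # source passes CONNECTED and DISCONNECTED, so both are accepted.
    case $event in
        CONNECT|CONNECTED)       echo "dhclient -1 $iface" ;;  # assumed DHCP client
        DISCONNECT|DISCONNECTED) echo "dhclient -r $iface" ;;
        *)                       return 1 ;;
    esac
}

# Entry point: log the decision, then run the planned command.
run_action() {
    if cmd=$(plan_action "$1" "$2"); then
        logger -t wpa-action "$1 $2: running $cmd"
        $cmd   # unquoted on purpose: iface was validated, so this splits into argv
    else
        logger -t wpa-action "ignored unexpected arguments"
        return 1
    fi
}

# Only act when wpa_cli supplied both arguments.
if [ "$#" -eq 2 ]; then
    run_action "$1" "$2"
fi
```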

Saturday, December 1, 2012

Overview of WPA_Supplicant


WPA_Supplicant:

wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). It is suitable for both desktop/laptop computers and embedded systems.

wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs; a text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with wpa_supplicant.

wpa_supplicant implements a control interface that can be used by external programs to control the operations of the wpa_supplicant daemon and to get status information and event notifications.
wpa_supplicant was designed to be portable for different drivers and operating systems. Hopefully, support for more wlan cards and OSes will be added in the future.

Before wpa_supplicant can do its work, the network interface must be available. That means that the physical device must be present and enabled, and the driver for the device must have been loaded. Note, however, that the -w option of the wpa_supplicant daemon instructs the daemon to continue to run and to wait for the interface to become available. Without the -w option, the daemon will exit immediately if the device isn't already available.
The wpa_supplicant utility is an implementation of the WPA Supplicant component, i.e., the part that runs in the client stations. It implements WPA key negotiation with a WPA Authenticator and EAP authentication with Authentication Server. In addition, it controls the roaming and IEEE 802.11 authentication/association of the wireless LAN driver.


After wpa_supplicant has configured the network device, higher level configuration such as DHCP may proceed.
The following steps are used when associating with an AP using WPA:
  1. wpa_supplicant requests the driver to scan neighboring BSSes
  2. wpa_supplicant selects a BSS based on its configuration
  3. wpa_supplicant requests the driver to associate with the chosen BSS
  4. If WPA-EAP: integrated IEEE 802.1X Supplicant or external Xsupplicant completes EAP authentication with the authentication server (proxied by the Authenticator in the AP)
  5. If WPA-EAP: master key is received from the IEEE 802.1X Supplicant
  6. If WPA-PSK: wpa_supplicant uses PSK as the master session key
  7. wpa_supplicant completes WPA 4-Way Handshake and Group Key Handshake with the Authenticator (AP)
  8. wpa_supplicant configures encryption keys for unicast and broadcast
  9. normal data packets can be transmitted and received 

    Syntax:

    wpa_supplicant [-BddehLqqvw] [-iifname]  
                   [-cconfig file]  
                   [-Ddriver]

    Options:

    -B
    Run daemon in the background.
    -i ifname
    Interface to listen on.
    -c filename
    Path to configuration file.
    -D driver
    Driver to use. See the available options below.
    -d
    Increase debugging verbosity (-dd even more).
    -K
    Include keys (passwords, etc.) in debug output.
    -t
    Include timestamp in debug messages.
    -e
    Use external IEEE 802.1X Supplicant (e.g., xsupplicant) (this disables the internal Supplicant).
    -h
    Help. Show a usage message.
    -L
    Show license (GPL and BSD).
    -q
    Decrease debugging verbosity (-qq even less).
    -v
    Show version.
    -w
    Wait for the interface to be added, if needed. Normally, wpa_supplicant exits if the interface isn't there yet.
    -N
    Start describing new interface.

Wednesday, November 28, 2012

IEEE 802 Wireless Standards:


The IEEE 802 Standard comprises a family of networking standards that cover the physical layer specifications of technologies from Ethernet to wireless. IEEE 802 is subdivided into 22 parts that cover the physical and data-link layers of networking. 

 All the 802.11 specifications use the Ethernet protocol and Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) for path sharing. The original modulation used in 802.11 was phase-shift keying (PSK). However, other schemes, such as complementary code keying (CCK), are used in some of the newer specifications. The newer modulation methods provide higher data speed and reduced vulnerability to interference.
802: Overview
Basics of physical and logical networking concepts.

802.1: Bridging
LAN/MAN bridging and management. Covers management and the lower sub-layers of OSI Layer 2, including MAC-based bridging (Media Access Control), virtual LANs and port-based access control.

802.2: Logical Link
Commonly referred to as the LLC or Logical Link Control specification. The LLC is the top sub-layer in the data-link layer, OSI Layer 2. Interfaces with the network Layer 3.

802.3: Ethernet
"Granddaddy" of the 802 specifications. Provides asynchronous networking using "carrier sense, multiple access with collision detect" (CSMA/CD) over coax, twisted-pair copper, and fiber media. Current speeds range from 10 Mbps to 10 Gbps.

802.4: Token Bus
Disbanded

802.5: Token Ring
The original token-passing standard for twisted-pair, shielded copper cables. Supports copper and fiber cabling from 4 Mbps to 100 Mbps. Often called "IBM Token-Ring."

802.6: Distributed queue dual bus (DQDB)
"Superseded **Revision of 802.1D-1990 edition (ISO/IEC 10038). 802.1D incorporates P802.1p and P802.12e. It also incorporates and supersedes published standards 802.1j and 802.6k. Superseded by 802.1D-2004."

802.7: Broadband LAN Practices
Withdrawn Standard. Withdrawn Date: Feb 07, 2003. No longer endorsed by the IEEE.

802.8: Fiber Optic Practices
Withdrawn PAR. Standards project no longer endorsed by the IEEE.

802.9: Integrated Services LAN
Withdrawn PAR. Standards project no longer endorsed by the IEEE.

802.10: Interoperable LAN security
Superseded **Contains: IEEE Std 802.10b-1992.

802.11
Wireless LAN Media Access Control and Physical Layer specification. 802.11a, b, g, etc. are amendments to the original 802.11 standard. Products that implement 802.11 standards must pass tests and are referred to as "Wi-Fi certified."

802.11a
· Specifies a PHY that operates in the 5 GHz U-NII band in the US - initially 5.15-5.35 AND 5.725-5.85 - since expanded to additional frequencies
· Uses Orthogonal Frequency-Division Multiplexing
· Enhanced data speed to 54 Mbps
· Ratified after 802.11b

802.11b
· Enhancement to 802.11 that added higher data rate modes to the DSSS (Direct Sequence Spread Spectrum) already defined in the original 802.11 standard
· Boosted data speed to 11 Mbps
· 22 MHz bandwidth yields 3 non-overlapping channels in the frequency range of 2.400 GHz to 2.4835 GHz
· Beacons at 1 Mbps, falls back to 5.5, 2, or 1 Mbps from 11 Mbps max.

802.11d
· Enhancement to 802.11a and 802.11b that allows for global roaming
· Particulars can be set at Media Access Control (MAC) layer

802.11e
· Enhancement to 802.11 that includes quality of service (QoS) features
· Facilitates prioritization of data, voice, and video transmissions

802.11g
· Extends the maximum data rate of WLAN devices that operate in the 2.4 GHz band, in a fashion that permits interoperation with 802.11b devices
· Uses OFDM Modulation (Orthogonal FDM)
· Operates at up to 54 megabits per second (Mbps), with fall-back speeds that include the "b" speeds

802.11h
· Enhancement to 802.11a that resolves interference issues
· Dynamic frequency selection (DFS)
· Transmit power control (TPC)

802.11i
· Enhancement to 802.11 that offers additional security for WLAN applications
· Defines more robust encryption, authentication, and key exchange, as well as options for key caching and pre-authentication

802.11j
· Japanese regulatory extensions to 802.11a specification
· Frequency range 4.9 GHz to 5.0 GHz

802.11k
· Radio resource measurements for networks using 802.11 family specifications

802.11m
· Maintenance of 802.11 family specifications
· Corrections and amendments to existing documentation

802.11n
· Higher-speed standards -- under development
· Several competing and non-compatible technologies; often called "pre-n"
· Top speeds claimed of 108, 240, and 350+ MHz
· Competing proposals come from the groups EWC, TGn Sync, and WWiSE, and are all variations based on MIMO (multiple input, multiple output)

802.11x
· Misused "generic" term for 802.11 family specifications

802.12: Demand Priority
Increases Ethernet data rate to 100 Mbps by controlling media utilization.

802.13: Not used
Not used

802.14: Cable modems
Withdrawn PAR. Standards project no longer endorsed by the IEEE.

802.15: Wireless Personal Area Networks
Communications specification that was approved in early 2002 by the IEEE for wireless personal area networks (WPANs).

802.15.1
Short range (10m) wireless technology for cordless mouse, keyboard, and hands-free headset at 2.4 GHz.

802.15.3a: UWB
Short range, high-bandwidth "ultra wideband" link

802.15.4
Short range wireless sensor networks

802.15.5
· Extension of network coverage without increasing the transmit power or the receiver sensitivity
· Enhanced reliability via route redundancy
· Easier network configuration
· Better device battery life

802.16: Wireless Metropolitan Area Networks
This family of standards covers Fixed and Mobile Broadband Wireless Access methods used to create Wireless Metropolitan Area Networks (WMANs). Connects Base Stations to the Internet using OFDM in unlicensed (900 MHz, 2.4, 5.8 GHz) or licensed (700 MHz, 2.5 – 3.6 GHz) frequency bands. Products that implement 802.16 standards can undergo WiMAX certification testing.

802.17

802.18: Radio Regulatory TAG

802.19: Coexistence

802.20: Mobile Broadband Wireless Access

802.21: Media Independent Handoff

802.22: Wireless Regional Area Network



Saturday, October 6, 2012

Overview of WEP, WPA & WPA2

Wired Equivalency Protocol (WEP) uses a naive encryption standard that has become virtually useless. WEP was supplanted by WiFi Protected Access (WPA). WPA was found to be too weak as well, and it has been supplanted in turn by WiFi Protected Access 2 (WPA2), which seems to be strong enough for now. To support WPA or WPA2, some old Wi-Fi access points require a firmware upgrade.

WPA2-PSK (Preshared Key) is the strongest and most practical form of WPA for most home users. WPA2 is more secure than WPA because it uses the much stronger AES (Advanced Encryption Standard) protocol for encrypting packets. The encryption key may be from 8 to 63 printable ASCII characters or 64 hexadecimal digits. The maximum length results in 256-bit strength, which is what 64 (hex digits) multiplied by 4 bits/digit yields.

WEP supports two methods of authentication: 
 1. Open System authentication and 
 2. Shared Key authentication.

In Open System authentication (Open-WEP), the WLAN client need not provide its credentials to the Access Point during authentication. Any client can authenticate with the Access Point and then attempt to associate. In effect, no authentication occurs. Subsequently, WEP keys can be used for encrypting data frames. At this point, the client must have the correct keys.

In Shared Key authentication (Shared-WEP), the WEP key is used for authentication in a four-step challenge-response handshake:
1. The client sends an authentication request to the Access Point.
2. The Access Point replies with a clear-text challenge.
3. The client encrypts the challenge text using the configured WEP key, and sends it back in another authentication request.
4. The Access Point decrypts the response. If this matches the challenge text, the Access Point sends back a positive reply.
After the authentication and association, the pre-shared WEP key is also used for encrypting the data frames using RC4.

Shared-WEP authentication is less secure than Open System authentication, because it is possible to derive the keystream used for the handshake by capturing the challenge frames in Shared Key authentication. Hence, it is advisable to use Open System authentication for WEP authentication, rather than Shared Key authentication.

Check out the following Q&A for a better understanding:


Q. What is Wi-Fi Protected Access?

A. Wi-Fi Protected Access (WPA) is a standards-based security solution from the Wi-Fi Alliance that addresses the vulnerabilities in native WLANs and provides enhanced protection from targeted attacks. WPA addresses all known Wired Equivalent Privacy (WEP) vulnerabilities in the original IEEE 802.11 security implementation and brings an immediate security solution to WLANs in both enterprise and small office/home office (SOHO) environments. WPA uses Temporal Key Integrity Protocol (TKIP) for encryption. WPA is fully supported by the Cisco® Wireless Security Suite and the Cisco Structured Wireless-Aware Network (SWAN).

Q. What is WPA2?

A. WPA2 is the next generation of Wi-Fi security. It is the Wi-Fi Alliance's interoperable implementation of the ratified IEEE 802.11i standard. It implements the National Institute of Standards and Technology (NIST) recommended Advanced Encryption Standard (AES) encryption algorithm using Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP).

Q. What is IEEE 802.11i?

A. IEEE 802.11i defines security standards for WLANs. IEEE 802.11i details stronger encryption, authentication, and key management strategies for wireless data and system security. It includes two new data-confidentiality protocols (TKIP and AES-CCMP), a negotiation process for selecting the correct confidentiality protocol, a key system for each traffic type, key caching, and pre-authentication. For more information, an article written by IEEE 802.11i Working Group Chairperson, David Halasz of Cisco Systems, is available through Embedded.com, at: IEEE 802.11i and Wireless Security.

Q. How are WPA and WPA2 similar?

A. Both WPA and WPA2 offer a high level of assurance for end users and network administrators that their data will remain private and that access to their networks will be restricted to authorized users. Both have personal and enterprise modes of operation that meet the distinct needs of the two market segments. The Enterprise Mode of each uses IEEE 802.1X and extensible authentication protocol (EAP) for authentication.

Q. How are WPA and WPA2 different?

A. WPA2 provides a stronger encryption mechanism through AES, which is a requirement for some corporate and government users. TKIP, the encryption mechanism in WPA, relies on RC4 instead of Triple Data Encryption Standard (3DES), AES, or another encryption algorithm.

Q. Is WPA2 backward-compatible with WPA?

A. Yes. All products that are Wi-Fi Certified for WPA2 are required to be interoperable with products that are Wi-Fi Certified for WPA.